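<?PHP

/**
 * Volunteer administrator login.
 *
 * Reads `email` / `password` (plus the optional `site_number`, `rounds` and
 * `session` fields) from the POST body and `flag` from the query string,
 * looks the account up in `CUPT`.`volunteer`, and on success redirects to
 * the page selected by `flag`:
 *   0 (or absent) -> score-input.html
 *   1             -> lottery.html
 *   2             -> information-view.html
 * Any other flag just prints the success message.
 *
 * NOTE(review): the script connects as `root` with a password hard-coded in
 * the source and issues CREATE DATABASE / CREATE TABLE on every request. A
 * login endpoint only needs SELECT on `volunteer`; move schema creation to a
 * deployment step and use a dedicated least-privilege account whose
 * credentials live outside the web root.
 *
 * NOTE(review): `password` is a varchar(30) column compared directly with the
 * submitted value, i.e. passwords are stored in clear text (and, with
 * utf8_general_ci, matched case-insensitively). Migrate to password_hash() /
 * password_verify(); that needs a wider column and a data migration, so it is
 * not changed here.
 *
 * NOTE(review): nothing here starts a server-side session or throttles
 * repeated attempts. The redirect only carries the e-mail address, so confirm
 * how the target pages tell an authenticated visitor from anyone who opens
 * the URL directly.
 */

// Use return values for database errors on every PHP version (PHP 8.1+
// throws by default), so failures can be handled without leaking details.
mysqli_report(MYSQLI_REPORT_OFF);

// Returns the request field as a string; missing fields and array-valued
// fields (e.g. `email[]=x`) become ''.
$stringParam = static function (array $source, string $key): string {
    $value = $source[$key] ?? '';
    return is_string($value) ? $value : '';
};

// Same, but also maps "0" to '' -- this is what the empty() checks in the
// earlier version of this script did, kept so targets receive the same values.
$optionalParam = static function (array $source, string $key) use ($stringParam): string {
    $value = $stringParam($source, $key);
    return $value === '0' ? '' : $value;
};

// Logs the failing stage server-side and shows the client a generic message.
$fail = static function (string $stage): void {
    error_log("volunteer login: database failure during {$stage}");
    http_response_code(500);
    echo '<br />服务器错误，请稍后再试！<br />';
    exit;
};

$password = $stringParam($_POST, 'password');
$email = $stringParam($_POST, 'email');
$site_number = $optionalParam($_POST, 'site_number');
$rounds = $optionalParam($_POST, 'rounds');
$session = $optionalParam($_POST, 'session');

// An absent flag and an explicit "0" both select the score-input page.
// (The loose `'' == 0` test this relied on is false since PHP 8.)
$flag = $stringParam($_GET, 'flag');
if ($flag === '') {
    $flag = '0';
}

$secret_key = '';

$mysqli = mysqli_init();

$mysqli->options(MYSQLI_OPT_CONNECT_TIMEOUT, 2); // connection timeout in seconds
if (!$mysqli->real_connect('127.0.0.1', 'root', 'mysql')) {
    $fail('connect');
}

// Schema bootstrap is best-effort: a failure is logged, and the login
// still proceeds if the database and table already exist.
$sql = "CREATE DATABASE IF NOT EXISTS CUPT DEFAULT CHARSET utf8 COLLATE utf8_general_ci;";
if (!$mysqli->query($sql)) {
    error_log('volunteer login: CREATE DATABASE failed');
}
if (!mysqli_select_db($mysqli, "CUPT")) {
    $fail('select_db');
}

// Create the volunteer table if it does not exist yet.
$sql = "CREATE TABLE IF NOT EXISTS `volunteer` (
        `id` varchar(20) DEFAULT NULL,
        `password` varchar(30) DEFAULT NULL,
        `name` varchar(20) DEFAULT NULL,
        `sex` varchar(4) DEFAULT NULL,
        `volunteer_position` varchar(20) DEFAULT NULL,
        `phone_number` varchar(20) DEFAULT NULL,
        `email` varchar(20) DEFAULT NULL,
        `bank_account` varchar(30) DEFAULT NULL,
        `clothing_model` varchar(10) DEFAULT NULL,
        `secret_key` varchar(10) DEFAULT NULL,
        UNIQUE KEY(`email`)
        ) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
if (!mysqli_query($mysqli, $sql)) {
    error_log('volunteer login: CREATE TABLE failed');
}

// The credentials come straight from the request, so they are bound as
// parameters and never concatenated into the SQL text.
$stmt = $mysqli->prepare('SELECT `secret_key` FROM `volunteer` WHERE `email` = ? AND `password` = ?');
if ($stmt === false) {
    $fail('prepare');
}
$stmt->bind_param('ss', $email, $password);
if (!$stmt->execute()) {
    $fail('execute');
}
$stmt->bind_result($storedKey);

$matches = 0;
while ($stmt->fetch()) {
    $matches++;
    $secret_key = $storedKey;
}
$stmt->close();
mysqli_close($mysqli);

if ($matches < 1) {
    echo '<br />用户名或密码错误！<br />';
    echo '<a href="javascript :;" onClick="javascript :history.back(-1);">回到登录界面</a>';
} elseif ($secret_key === null || $secret_key === '') {
    // An account without a secret_key is a plain volunteer, not an administrator.
    echo '<br />您没有管理员权限！<br />';
    echo '<a href="javascript :;" onClick="javascript :history.back(-1);">回到登录界面</a>';
} else {
    // Every value placed in the Location header is URL-encoded so that
    // '&', '#', spaces or line breaks in a field cannot add parameters or
    // break the header. Target pages must URL-decode what they read.
    $target = null;
    if ($flag === '0') {
        $target = 'score-input.html?' . http_build_query([
            'email' => $email,
            'rounds' => $rounds,
            'session' => $session,
            'site_number' => $site_number,
        ]);
    } elseif ($flag === '1') {
        $target = 'lottery.html?' . http_build_query(['email' => $email]);
    } elseif ($flag === '2') {
        $target = 'information-view.html?' . http_build_query(['email' => $email]);
    }

    if ($target !== null) {
        // Send the redirect before any body output; echoing first makes
        // header() fail with "headers already sent" when buffering is off.
        header('Location: ' . $target);
        exit;
    }

    echo '<br />登录成功';
}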
